Electronic messaging is an efficient and relatively inexpensive medium of communication. While these two characteristics are mostly advantageous to its users, they also have generated a nuisance in the form of undesired electronic messages.
For example, in electronic mail messaging (email), it is common to receive a relatively high volume of unsolicited and often undesired messages including predominantly publicity and swindle attempts, commonly known under the name of “SPAM”, and malicious programs, such as viruses and worms, for example.
While it may look like a minor nuisance, SPAM is in fact a major problem. Often, SPAM messages received by a user outnumber legitimate messages. Accordingly, there is a need to spend resources for storing, transmitting and filtering these messages.
Many methods have been proposed to alleviate this problem. Unfortunately, they mostly have proven to be unsatisfactory.
For example, one such method uses rules for filtering incoming mail messages. These rules typically label an incoming electronic mail message as being either a legitimate message or a SPAM message. SPAM messages are automatically deleted or stored separately from legitimate messages. Legitimate messages are stored in an incoming email box and readily accessible by the user.
Unfortunately, none of the proposed method is able to automatically identify correctly all SPAM messages as such and all legitimate messages as such. Since classifying a legitimate message as SPAM usually has much worse consequences than classifying a SPAM message as legitimate, these rules typically leave at least a few SPAM messages to be delivered to the incoming email box of the user.
In addition, those who send SPAM, the SPAMMERS, typically monitor and analyze the software used to implement the rules to write and send the SPAM such that it is classified as legitimate.
Another method for reducing SPAM includes only publicizing one's email address to certain other email users from whom emails are desired. Unfortunately, using this method prevents email users other that the certain other email users to send email messages that are properly delivered. Accordingly, this method is of limited use for many businesses and is at most useful in very specific settings. Also, if for any reason the secret email address becomes known to a SPAMMER or to a party that provides email addresses to SPAMMERS, the address becomes useless as a secret address and must be discarded.
In a related method, an identifier is associated with the address. The identifier is distributed only to trusted parties from which the reception of email messages is desired. The identifier in included in email messages sent by these parties. Only email messages including the identifier are delivered to the user's incoming email box. If for any reason the identifier becomes compromised, the user typically modifies the identifier and sends the new identifier to the trusted parties. However, as in the “secret email address” method, unknown parties that are potential trusted parties cannot send email messages that are properly received by the user. Also, if a user wishes to use commercial systems for ordering though email or mailing lists, for example, the identifier needs to be publicized and is likely to find its way to SPAMMERS.
In another method, there is no identifier and the user maintains a list of trusted parties, either manually or with the help of software-implemented heuristics. Incoming email messages are delivered only if they come from a trusted party. Once more, unknown parties that are potential trusted parties cannot send email messages that are properly received by the user.
To try to circumvent this problem, an additional step is performed. Instead of automatically discarding messages coming from unknown parties, a reply message is sent in response to the incoming message, the reply message including a challenge that is designed to be relatively easily answered by a person and relatively hardly answered by a machine. The incoming email message is delivered to the user's inbox only if a satisfactory response to the challenge arrives within a predetermined time interval. This method is based on the fact that SPAMMERs typically forge a reply address. Accordingly, a SPAM message will never receive a reply to the challenge. Also, even if the reply address is legitimate, it would typically be economically unfeasible to have a person replying to all challenge messages as response rates to SPAM are typically very small.
A disadvantage with this method occurs when two users, say A and B each use an email system that implements the challenge method. In this case, if for example A writes and email to B, and A is not a trusted party for B, B will reply with a challenge. However, because B may not be a trusted party for A, A will also reply with a challenge to the challenge. This creates an endless loop wherein A and B will never exchange content through email.
Accordingly, there exists a need for new and improved methods and devices for filtering electronic messages.